diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/actionmailer_patches.rb | 15 | ||||
| -rw-r--r-- | lib/configuration.rb | 1 | ||||
| -rw-r--r-- | lib/tasks/config_files.rake | 26 | ||||
| -rw-r--r-- | lib/tasks/import.rake | 78 | ||||
| -rw-r--r-- | lib/tasks/stats.rake | 19 | ||||
| -rw-r--r-- | lib/tasks/themes.rake | 2 | ||||
| -rw-r--r-- | lib/theme.rb | 3 | ||||
| -rw-r--r-- | lib/whatdotheyknow/strip_empty_sessions.rb | 4 |
8 files changed, 135 insertions, 13 deletions
diff --git a/lib/actionmailer_patches.rb b/lib/actionmailer_patches.rb new file mode 100644 index 000000000..600d3c8cc --- /dev/null +++ b/lib/actionmailer_patches.rb @@ -0,0 +1,15 @@ +# Monkey patch for CVE-2013-4389 +# derived from http://seclists.org/oss-sec/2013/q4/118 to fix +# a possible DoS vulnerability in the log subscriber component of +# Action Mailer. + +require 'action_mailer' +module ActionMailer + class LogSubscriber < ActiveSupport::LogSubscriber + def deliver(event) + recipients = Array.wrap(event.payload[:to]).join(', ') + info("\nSent mail to #{recipients} (#{event.duration.round(1)}ms)") + debug(event.payload[:mail]) + end + end +end diff --git a/lib/configuration.rb b/lib/configuration.rb index ab985c8bf..fba70f27c 100644 --- a/lib/configuration.rb +++ b/lib/configuration.rb @@ -69,6 +69,7 @@ module AlaveteliConfiguration :TWITTER_WIDGET_ID => false, :USE_DEFAULT_BROWSER_LANGUAGE => true, :USE_GHOSTSCRIPT_COMPRESSION => false, + :USE_MAILCATCHER_IN_DEVELOPMENT => true, :UTILITY_SEARCH_PATH => ["/usr/bin", "/usr/local/bin"], :VARNISH_HOST => '', :WORKING_OR_CALENDAR_DAYS => 'working', diff --git a/lib/tasks/config_files.rake b/lib/tasks/config_files.rake index d3843f3a4..d0e4001f0 100644 --- a/lib/tasks/config_files.rake +++ b/lib/tasks/config_files.rake @@ -11,11 +11,7 @@ namespace :config_files do var = $1.to_sym replacement = replacements[var] if replacement == nil - if ! (skip[var] == true) - raise "Unhandled variable in .ugly file: $#{var}" - else - match - end + raise "Unhandled variable in .ugly file: $#{var}" else replacements[var] end @@ -52,5 +48,23 @@ namespace :config_files do end end + desc 'Convert Debian .ugly crontab file in config to a form suitable for installing in /etc/cron.d' + task :convert_crontab => :environment do + example = 'rake config_files:convert_crontab DEPLOY_USER=deploy VHOST_DIR=/dir/above/alaveteli VCSPATH=alaveteli SITE=alaveteli CRONTAB=config/crontab-example' + check_for_env_vars(['DEPLOY_USER', + 'VHOST_DIR', + 'VCSPATH', + 'SITE', + 'CRONTAB'], example) + replacements = { + :user => ENV['DEPLOY_USER'], + :vhost_dir => ENV['VHOST_DIR'], + :vcspath => ENV['VCSPATH'], + :site => ENV['SITE'] + } + convert_ugly(ENV['CRONTAB'], replacements).each do |line| + puts line + end + end -end
\ No newline at end of file +end diff --git a/lib/tasks/import.rake b/lib/tasks/import.rake new file mode 100644 index 000000000..0e8397fde --- /dev/null +++ b/lib/tasks/import.rake @@ -0,0 +1,78 @@ +require 'csv' +require 'tempfile' + +namespace :import do + + desc 'Import public bodies from CSV provided on standard input' + task :import_csv => :environment do + dryrun = ENV['DRYRUN'] != '0' + if dryrun + STDERR.puts "Only a dry run; public bodies will not be created" + end + + tmp_csv = nil + Tempfile.open('alaveteli') do |f| + f.write STDIN.read + tmp_csv = f + end + + number_of_rows = 0 + + STDERR.puts "Preliminary check for ambiguous names or slugs..." + + # Check that the name and slugified version of the name are + # unique: + url_part_count = Hash.new { 0 } + name_count = Hash.new { 0 } + reader = CSV.open tmp_csv.path, 'r' + header_line = reader.shift + headers = header_line.collect { |h| h.gsub /^#/, ''} + + reader.each do |row_array| + row = Hash[headers.zip row_array] + name = row['name'] + url_part = MySociety::Format::simplify_url_part name, "body" + name_count[name] += 1 + url_part_count[url_part] += 1 + number_of_rows += 1 + end + + non_unique_error = false + + [[name_count, 'name'], + [url_part_count, 'url_part']].each do |counter, field| + counter.sort.map do |name, count| + if count > 1 + non_unique_error = true + STDERR.puts "The #{field} #{name} was found #{count} times." + end + end + end + + next if non_unique_error + + STDERR.puts "Now importing the public bodies..." + + # Now it's (probably) safe to try to import: + errors, notes = PublicBody.import_csv(tmp_csv.path, + tag='', + tag_behaviour='replace', + dryrun, + editor="#{ENV['USER']} (Unix user)", + I18n.available_locales) do |row_number, fields| + percent_complete = (100 * row_number.to_f / number_of_rows).to_i + STDERR.print "#{row_number} out of #{number_of_rows} " + STDERR.puts "(#{percent_complete}% complete)" + end + + if errors.length > 0 + STDERR.puts "Import failed, with the following errors:" + errors.each do |error| + STDERR.puts " #{error}" + end + else + STDERR.puts "Done." + end + + end +end diff --git a/lib/tasks/stats.rake b/lib/tasks/stats.rake index 4eda27289..38eb15996 100644 --- a/lib/tasks/stats.rake +++ b/lib/tasks/stats.rake @@ -1,8 +1,14 @@ namespace :stats do - desc 'Produce transaction stats' + desc 'Produce monthly transaction stats for a period starting START_YEAR' task :show => :environment do - month_starts = (Date.new(2009, 1)..Date.new(2011, 8)).select { |d| d.day == 1 } + example = 'rake stats:show START_YEAR=2009 [START_MONTH=3 END_YEAR=2012 END_MONTH=10]' + check_for_env_vars(['START_YEAR'], example) + start_year = (ENV['START_YEAR']).to_i + start_month = (ENV['START_MONTH'] || 1).to_i + end_year = (ENV['END_YEAR'] || Time.now.year).to_i + end_month = (ENV['END_MONTH'] || Time.now.month).to_i + month_starts = (Date.new(start_year, start_month)..Date.new(end_year, end_month)).select { |d| d.day == 1 } headers = ['Period', 'Requests sent', 'Annotations added', @@ -94,7 +100,7 @@ namespace :stats do desc 'Update statistics in the public_bodies table' task :update_public_bodies_stats => :environment do verbose = ENV['VERBOSE'] == '1' - PublicBody.all.each do |public_body| + PublicBody.find_each(:batch_size => 10) do |public_body| puts "Counting overdue requests for #{public_body.name}" if verbose # Look for values of 'waiting_response_overdue' and @@ -102,7 +108,12 @@ namespace :stats do # described_state column, and instead need to be calculated: overdue_count = 0 very_overdue_count = 0 - InfoRequest.find_each(:conditions => {:public_body_id => public_body.id}) do |ir| + InfoRequest.find_each(:batch_size => 200, + :conditions => { + :public_body_id => public_body.id, + :awaiting_description => false, + :prominence => 'normal' + }) do |ir| case ir.calculate_status when 'waiting_response_very_overdue' very_overdue_count += 1 diff --git a/lib/tasks/themes.rake b/lib/tasks/themes.rake index a8d16f108..1eed92f1e 100644 --- a/lib/tasks/themes.rake +++ b/lib/tasks/themes.rake @@ -85,7 +85,7 @@ namespace :themes do def install_theme(theme_url, verbose, deprecated=false) deprecation_string = deprecated ? " using deprecated THEME_URL" : "" - theme_name = File.basename(theme_url, '.git') + theme_name = theme_url_to_theme_name theme_url puts "Installing theme #{theme_name}#{deprecation_string} from #{theme_url}" uninstall(theme_name, verbose) if installed?(theme_name) install_theme_using_git(theme_name, theme_url, verbose) diff --git a/lib/theme.rb b/lib/theme.rb new file mode 100644 index 000000000..4f03b5d99 --- /dev/null +++ b/lib/theme.rb @@ -0,0 +1,3 @@ +def theme_url_to_theme_name(theme_url) + File.basename theme_url, '.git' +end diff --git a/lib/whatdotheyknow/strip_empty_sessions.rb b/lib/whatdotheyknow/strip_empty_sessions.rb index e162acf67..6d175ca98 100644 --- a/lib/whatdotheyknow/strip_empty_sessions.rb +++ b/lib/whatdotheyknow/strip_empty_sessions.rb @@ -1,9 +1,9 @@ module WhatDoTheyKnow - + class StripEmptySessions ENV_SESSION_KEY = "rack.session".freeze HTTP_SET_COOKIE = "Set-Cookie".freeze - STRIPPABLE_KEYS = [:session_id, :_csrf_token, :locale] + STRIPPABLE_KEYS = ['session_id', '_csrf_token', 'locale'] def initialize(app, options = {}) @app = app |